Infrastructure & Home Lab

Self-hosted, self-built, and self-managed - a production-grade multi-node environment for AI development, monitoring, and daily use. Every node, container, and service designed, deployed, and maintained by me.

Sanitized compute topology diagram showing the homelab backbone, core compute systems, segmented hosts, and secure overlay

Network Topology

Public-safe architecture view

This diagram is derived from the live NetBox inventory running in the stack, then intentionally sanitized for a public portfolio. It shows the backbone, compute fabric, segmented hosts, and secure overlay without exposing private addressing or internal admin detail.

What it shows

Core routing, switch fabric, major compute nodes, segmented hosts, and the private mesh overlay.

What it omits

LAN IPs, Tailscale IPs, interface names, internal DNS, and sensitive service paths.

Observability

Live monitoring across the stack

Grafana panels surface CPU, memory, disk, network, and uptime data across the hosts and services I run daily, backed by Prometheus, Alertmanager, and phone notifications.

GrafanaPrometheusAlertmanagerntfy

Portainer container management screenshot

Orchestration

Container orchestration at home-lab scale

Portainer gives a live operational view across the Docker stack, including NetBox, n8n, Neo4j, monitoring services, media services, automation tools, and internal support systems.

Docker ComposePortainerNetBoxn8nNeo4j

Sol - Custom-Built Workstation

AMD Ryzen 9 7950X (16-core/32-thread), RTX 4090 24 GB VRAM, 128 GB DDR5-6000 (4×32 GB), Samsung 990 PRO 2 TB + 4 TB NVMe SSDs, 1000 W Gold PSU, Corsair liquid cooling - running Ubuntu 24 XFCE for local AI inference, Whisper, Stable Diffusion, and ComfyUI.

Multi-Node Home Lab (Solar System)

9 nodes: Sol (AI workstation), NASA (Docker server), Lunanode1–5 (Raspberry Pi cluster for DNS, Nextcloud, Bitcoin, Home Assistant), Lunanode4 (Ubuntu Server reverse proxy/NUT), Proxmox hypervisor, and a Mac Mini. All connected via Tailscale mesh.

Full Observability Stack

Prometheus scraping 11 targets across 8 hosts, Grafana dashboards (Node Exporter Full, cAdvisor, custom provisioning), Alertmanager routing 15 alert rules to ntfy for real-time push alerts to phone. Custom systemd health-check timers for CPU temp, swap, load, and disk.

VLAN-Segmented Network

ASUS RT-BE7200 with Asuswrt-Merlin firmware + TP-Link managed switch. Four VLANs segmenting primary devices, IoT/smart home, isolated workstations, and peripherals. Tailscale subnet routing allows cross-VLAN access from anywhere. Pi-hole and NextDNS pipeline for network-wide DNS filtering.

Privacy & Security Stack

Pi-hole on Lunanode1 handles all DNS with upstream forwarding to NextDNS (per-VLAN profiles with custom blocklists). Mullvad VPN through Tailscale exit node for IP control. Cloudflare tunnel for external access - no ports exposed to the public internet. Fail2Ban on all nodes.

Caddy Reverse Proxy + Cloudflare Tunnel

Caddy on Lunanode4 reverse-proxies 30+ subdomains via a Cloudflared tunnel. Wildcard DNS on Cloudflare with automatic SSL/TLS. Each Docker service gets its own subdomain - zero port exposure, zero home IP disclosure. Custom header management, WebSocket support, and per-route timeouts configured.

Automated Backups & UPS Orchestration

Kopia backup server on Lunanode4: scheduled snapshots of every node synced offsite to Hetzner object storage. NUT UPS server on Lunanode4 monitors power and sends coordinated shutdown commands to all nodes at 25% battery. Wake-on-LAN for Sol configured via Lunanode4.

Multi-Model AI Infrastructure

Self-hosted Ollama Cloud for open-source model inference, plus API integrations with Claude, GPT-4, Gemini, DeepSeek, and Perplexity. Open WebUI with CUDA acceleration on Sol. LLM observability and tracing via Langfuse. Flowise for no-code LLM orchestration.

Screenshots from the Stack

Grafana - Node Exporter dashboard with gauges and time-series metrics across 8 hosts

Portainer - managing 40+ Docker containers on NASA

Uptime Kuma - real-time service health monitoring

n8n - automated workflow for content pipeline orchestration

Homarr - self-hosted service dashboard and homepage

Open WebUI - self-hosted LLM chat interface with CUDA acceleration

Node Inventory

Node	Role	OS	Notes
Sol	Primary workstation & AI compute node	Ubuntu 24 XFCE	AMD Ryzen 9 7950X · RTX 4090 24 GB · 128 GB DDR5-6000 · 6 TB NVMe
NASA	24/7 Docker server - all persistent services	Ubuntu Server	Runs the main 40+ container compose stack
Lunanode4	Reverse proxy, NUT UPS server, Caddy, Cloudflared tunnel	Ubuntu Server (x86)	Dual-homed across VLANs (ethernet + WiFi). Tailscale exit node & subnet router
Lunanode1	Pi-hole DNS server	Raspberry Pi OS 64-bit	Network-wide DNS filtering; Tailscale global nameserver
Lunanode2	Nextcloud instance	Raspberry Pi OS 64-bit Lite	Self-hosted file storage and collaboration
Lunanode3	Bitcoin Core full node	Raspberry Pi OS 64-bit Lite	Runs entirely from external SSD - no SD card
Lunanode5	Home Assistant	Ubuntu Server (x86)	Smart home automation on isolated IoT VLAN
Proxmoxbox	Proxmox hypervisor	Proxmox VE	Virtualization host for additional workloads
OpenClaw (Mac Mini)	macOS node for monitoring and SSH tunnels	macOS	On isolated Engage VLAN; monitored via Lunanode4 tunnel

Docker Stack (31+ containers)

Orchestrated via Docker Compose on NASA, the 24/7 server.

n8nOpen WebUI (CUDA)FlowiseSupabase (full stack)PostgreSQL + pgvectorNeo4jQdrantSearXNGLangfuseClickHouseMinIOPrometheusGrafanaAlertmanagerntfycAdvisorNode ExporterUptime KumaPortainerHomarrHomeboxIT-ToolsActual BudgetJitsiDocuSealInvoice NinjaJellyfinFormatter ServerEmail ServerTTS ServerValkey (Redis)